Application/Control Number: 10/600,388 Page 2 

Art Unit: 2439 

Examiner's Amendment 

1 . An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview with 
Gerald Chan on 10/23/08. 

30(Currently Amended) The system of claim [22] 26, wherein means for verifying 
trusted security logic further comprises means for verifying a module name. 

31 (Currently Amended) The system of claim [22] 26^ further comprising: means for 
collecting one or more session parameters; means for comparing the one or more session 
parameters against a set of trusted security parameters defined in a security function; and means 
for returning a result indicating whether the one or more session parameters matches the set of 
trusted security parameters. 

32(Currently Amended) The system of claim [22] 26, further comprising: means for 
receiving information identifying the user; means for prompting the user for a password; means 
for authenticating the user based on information stored in an application program; and means for 
associating the user with a role 
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Reasons for Allowance 

1 . In the previous office action, 3/14/08, stated that claims 9-12 were allowable for "trusted 
security logic is contained in one or more frames of the call stack". The Applicant filed a request 
for reconsideration on 6/16/08, and amended claims 1, 14, and 26 to contain the allowable 
limitation, "trusted security logic is contained in one or more frames of the call stack". Claims 1- 
6, 8-12, 14-19, 21, 26-32 are allowable for the following reasons listed below: 

2. Any comments considered necessary by applicant must be submitted no later than the 
payment of the issue fee and, to avoid processing delays, should preferably accompany the issue 
fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for 
Allowance." 

3. Prior art fails to disclose or suggest, "trusted security logic is contained in one or more 
frames of the call stack", an example of prior art that fails to disclose or suggest, "trusted security 
logic is contained in one or more frames of the all stack is Bernstein. Bernstein discloses rather 
than explicitly passing a session identifier from the client to the server with each server call, 
Bernstein implicitly associates each object in the server with a session so that every server call 
automatically runs with the session identifier of the object called. Eliminating the need to pass 
session identification information results in a more efficient call and a simplified object interface. 
Bernstein discloses when loading an object into memory, the newly loaded object is associated 
with a session by a method on the session object itself or on another object that is already 
associated with a session; and a shared cache of object states exists so that if there are two 
objects representing the same persistent object only one copy of the state is required thereby 
eliminating memory intensive duplicate copies of object states for the same object loaded into 
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memory by two different sessions; and each object is partitioned into two parts so that all of the 
object's state is kept separately from its shell or header which simply identifies the object and 
points to its state. Bernstein discloses the implicit session system with an object state cache is an 
object oriented system having a client and a server and generating a session object by a function 
call from the client to the server; establishing the session context as said session object for each 
object subsequently called by the client for a first time subsequent to the step of generating; and 
generating an object state in an object state cache pointed to by respective ones of objects 
generated subsequent to the step of generating the session object. Bernstein fails to disclose or 
suggest database privileges for the user if the trusted security logic is contained in one or more 
frames of the call stack. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to JENISE E. JACKSON whose telephone number is (571)272- 
3791 . The examiner can normally be reached on Increased Flex time, but generally in the office 
M-Fri(8-4:30).. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kristine Kincaid can be reached on (571) 272-4063. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

October 22, 2008 
/J. E. J./ 

Examiner, Art Unit 2439 
/Kambiz Zand/ 
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